← Back to context Comment by dominicq 11 hours ago :(Sounds super 1337 and I hope it's actually possible somehow. 2 comments dominicq Reply aa-jv 10 hours ago Parse /proc/<pid>/maps to find the relevant target_addr in your process-under-attack. And then its a matter of: $ dd if=shellcode.bin of=/proc/<pid>/mem bs=1 seek=$((target_addr)) ... See also: DDExechttps://github.com/arget13/DDexec jeffbee 4 hours ago What legitimate purpose does this feature serve? Why should a process be able to write into the virtual memory of another process?
aa-jv 10 hours ago Parse /proc/<pid>/maps to find the relevant target_addr in your process-under-attack. And then its a matter of: $ dd if=shellcode.bin of=/proc/<pid>/mem bs=1 seek=$((target_addr)) ... See also: DDExechttps://github.com/arget13/DDexec jeffbee 4 hours ago What legitimate purpose does this feature serve? Why should a process be able to write into the virtual memory of another process?
jeffbee 4 hours ago What legitimate purpose does this feature serve? Why should a process be able to write into the virtual memory of another process?
Parse /proc/<pid>/maps to find the relevant target_addr in your process-under-attack. And then its a matter of:
See also: DDExec
https://github.com/arget13/DDexec
What legitimate purpose does this feature serve? Why should a process be able to write into the virtual memory of another process?